Professional Documents
Culture Documents
Page | 1
Business Process Management (BPM): BPM may be defined as: “The achievement
of an organization’s objectives through the improvement, management and
control of essential business processes”.
• Control: It has been said that BPM is about managing our end-toend
business and If we cannot measure something, we cannot control
and manage it.
Page | 2
BPM Principles and Practices
BPM Principles:
BPM Practices:
Page | 3
Business Processes and Process flow
Organizations have many different business processes such as completing a sale,
purchasing raw materials, paying employees etc.
Some of the key Business Processes pertaining to accounting, sales and purchase
are explained below:
Accounting:-
(a) Source Document: a document the capture data from transactions and
events (eg. Invoice, Cash Receipt).
(b) Journal: transactions are recorded into journals from the source
document.
(c) Ledger: entries are posted to the ledger from the journal.
(d) Trial Balance: unadjusted trial balance containing totals from all account
heads is prepared.
Page | 4
Sales:-
The typical life cycle of a sales transaction which may include the following
transactions:
(i) Customer Order: a purchase order received from a customer specifying the
type, quantity and agreed prices for products.
(ii) Recording: availability of the items is checked and customer order is booked.
(iii) Pick release: the items are moved from the warehouse to the staging area.
(iv) Shipping: the items are loaded onto the carrier for transport to the customer.
(v) Invoice: invoice of the transaction is generated and sent to the customer.
(vi) Receipt: money is received from the customer against the invoices.
Page | 5
Purchase:-
Typical life cycles of a purchase transaction which may include the following
transactions are stated below:
(c) Quotation: the vendors provide cost quotations for the supply of
products.
Page | 6
Organizational business processes: These are high-level processes
that are typically specified in textual form by their inputs, their
outputs, their expected results and their dependencies on other
organizational business processes. Organizational business process
to manage incoming raw materials provided by a set of suppliers is
an example of an organizational business process.
BPM Implementation
Page | 7
• Methods to be used: Six Sigma, BPM Life Cycle Method, TQM, Informal
methods
• Skills Required: Consultants, Train Employees, Formal Certification, Basic
Education, Existing Skill sets
• Tools to be used: White-Boards, Sticky Notes, Software For Mapping,
Software for Simulation
• Investments to Make: Training, Tools, Time
• Create the long-term future positioning of the business and enhance its
future capability;
Page | 8
• Introduce leadership and a role for managers and empowered staff.
BPM Technology
By including Technology in BPM, the organization can manage the flow of activities
along different applications, and the people involved and also reduce execution
time.
Page | 9
Benefits & Risks in Business Process Automation (BPA)
BPA is a strategy to automate business processes so as to bring
benefit to enterprise in terms of cost, time and effort. The key
benefits and risks of BPA are given below:
• Benefits:-
Saving on costs: Automation leads to saving in time and labour costs.
• Risks:-
Risk to jobs: Jobs that were earlier performed manually by several
employees would post-automation would be mechanized,
thereby posing a threat to jobs.
False sense of security: Automating poor processes will not gain better
business practices.
Page | 10
An Accounting Information System which is known as AIS is defined as a system
of collection, storage and processing of financial and accounting data that is used
by decision makers. An accounting information system is generally a computer-
based method for tracking accounting activity
Page | 11
Processing Cycles of an Accounts BPM
Page | 12
Ledger. It involves capturing and recording of customer orders; shipment
of the goods; and recording of the cost of goods sold. The billing process
and the recording of sales and accounts receivable; the capturing and
recording of cash receipts.
(vi) Data Processing Cycle: It may be noted, that all the above cycles
of processing involves data processing activities which has been
updated and stored. The stored information has details about
the resources affected by the event and people / personnel who
participated in the activity.
Page | 13
updating as each transaction occurs, it is referred to as on-line,
real-time processing.
BPM Systems or suites (BPMS) are a new class of software that allows enterprises to
devise process centric IT solutions.
Benefits of BPMS
BPMS, as a technology, can deliver endless benefits to any sized organization but
more importantly these benefits are unique to a company:
Page | 14
(c) Operational Savings: BPM focuses on optimization of processes.
The processes that are repetitive are optimized and lead to
reduced expenses which translate to immediate cost savings. By
automating a task, ROI of BPM that requires six hours of manual
intervention, one can expect to cut that time to half.
Page | 15
• Superficial or deficient executive involvement
• Technological obsolescence.
This has a few important key words, which need clear understanding:
Page | 16
Radical redesign means BPR is reinventing and not enhancing or
improving. In a nutshell, a “clean slate approach” of BPR says
that “Whatever you were doing in the past is all wrong”, do not
get biased by it or reassemble, the new system is to be
redesigned afresh.
(iii) Business needs analysis: It is important to identify exactly
what current processes need reengineering. This would help
determine the strategy and goals for BPR. A series of sessions
are held with the process owners and stakeholders and all the
ideas would be evaluated to outline and conceptualize the
desired business process. The outcome of this analysis would
be BPR project .
(v) Effective change management: BPR involves changes in
people behaviour and culture, processes and technologies.
Hence, resistance would be a natural consequence which
needs to be dealt with effectively. The success of BPR
depends on how effectively management conveys the need
for change to the people.
Page | 19
Public Network Network established for all users across the world is known
as public network. Internet is an example of public network.
Page | 20
· Machines are spread over a small geographic region.
A MAN can support both data and voice. Cable television networks are
examples of MANs that distribute television signals. A MAN just has one or
two cables and does not contain switching elements.
Page | 21
· Communications channels between the machines are usually
furnished by a third party (for example, the Telephone
Company, a public data network, a satellite carrier).
Network Architecture
Advantages:
(i) A client server can be scaled up to many services that can also be
used by multiple users.
(ii) A client server enables the roles and responsibilities of a
computing system. This means that it can update all the
computers connected to it. An example of this would be software
updates or hardware updates.
(iii) All the data is stored on the servers, which generally have far
greater security controls than most clients.
Page | 22
Disadvantages:
(i) When the server goes down or crashes, all the computers connected to
it become unavailable to use.
(ii) Simultaneous access to data and services by the user takes little more
time for server to process the task.
Advantages:
(i) Peer to Peer Networks are easy and simple to set up and only
require a Hub or a Switch to connect all the computers together.
Disadvantages:
(i) There can be problem in accessing files if computers are not connected
properly.
Page | 23
(ii) It does not support connections with too many computers.
Components of a Network
5. Communication software
(i) Network Interface Card (NIC): Every computer in a network has a special card
called an Network Interface Card (NIC) which provides the connector to attach the
network cable to a server or a workstation. The on-board circuitry then provides the
protocols and commands required to support this type of network card. An NIC has
additional memory for buffering incoming and outgoing data packets, thus
Page | 24
improving the network throughput. A slot may also be available for remote boot
PROM, permitting the board to be mounted in a diskless workstation.
• Each NIC has 8 bytes permanent and unique MAC (Media Access Control)
address provided by manufacturer. This address is also
known as Physical
Address.
• The NIC requires drivers to operate.
(ii) Switch and Router: These are hardware devices used to direct messages
across a network. Switches create temporary point to point links between two
nodes on a network and send all data along that link. Router is a kind of connecting
device which makes forwarding decisions of data packet on the basis of network
addresses.
The primary purpose of a router is to examine the source and
destination IP addresses of data packets it receives and to direct
those packets out the appropriate port and over the best path
available at the time.
(iii) Hub: A hub is a multi port connecting device that is used to interconnect
LAN devices. Each node is connected to the hub by means of simple twisted pair
wires. The hub then provides a connection over a higher speed link to other LANs,
the company’s WAN, or the Internet. A hub can be used to extend the physical
length of a network. Hubs can be active or passive.
Page | 25
(iv) Bridges, Repeaters and Gateways: Workstations in one network often
need access to computer resources in another network or another part of a WAN.
For example, an office manager using a local area network might want to access an
information service that is offered by a WAN over the public phone system. In order
to accommodate this type of need, bridges and routers are often necessary.
In other words, MODEM is a device that converts a digital computer signal into
an analog telephone signal (i.e. it modulates the signal) and converts an analog
telephone signal into a digital computer signal (i.e. it demodulates the signal) in
a data communication system.
Page | 26
Modems are used for handling data flow from an input device to the CPU and vice
versa through the common carrier network. MODEMs are required to tele-
communicate computer data with ordinary telephone lines because computer
data is in digital form but telephone lines are analogue.
(i) Guided Media: Guided Transmission Media uses a "cabling" system that guides the
data signals along a specific path. The types of guided media are described as follows:
Page | 27
Shielded Twisted-Pair (STP) cables are surrounded by an additional shielding,
which makes STP cables more secure, less prone to interferences but expensive.
Cost of these cable are comparably very low. Twisted-Pair cables can carry data
at a speed of 10 Mbps, 100 Mbps and 1000 Mbps and can transmit data up to
100 meters.
Co-axial cables: Also called as coax, these contain central copper wire as its core
that is surrounded by two layers of protective shielding. This shielding reduces
electromagnetic interference. Co-axial cables used in computer networks are
of two type thick co-axial and thin co-axial cable. Coax can transmit data at a
maximum speed of 10 Mbps up to 500 meters.
Optical Fiber: An optical fiber (or fiber) as shown in Fig 3.4.3.3 is a glass or plastic
fiber that carries light along its length. Fibers are used instead of metal wires
because signals travel along them with less loss, and they are immune to
electromagnetic interference. Optical Fiber cables permits transmission over
longer distances and at higher data rates (called bandwidth), than other forms
of communications.
Page | 28
(ii) Unguided Media: Unguided Transmission Media consists of a means for the data
signals to travel but nothing to guide them along a specific path. The data signals
are not bound to a cabling media and as such are often called Unbound Media.
Some of the common examples of unguided media are Radio wave, Microwave and
Infrared wave.
Page | 29
· Access control: Linking and disconnecting the different devices;
automatically dialing and answering telephones; restricting access
to authorized users; and establishing parameters such as speed,
mode, and direction of transmission.
· Data and file transmission: Controlling the transfer of data, files, and
messages among the various devices.
· Error detection and control: Ensuring that the data sent was indeed the data
received.
Fat / Thick Client: A fat client or thick client is a client that performs the
bulk of any data processing operations itself, and does not necessarily rely
on the server. In, thick clients do not rely on a central processing server,
but the server is accessed primarily for storage purposes.
Thin Client: Thin clients use the resources of the host computer. A thin
client generally only presents processed data provided by an application
server, which performs the bulk of any required data processing. A thin
client machine is going to communicate with a central processing server,
meaning there is little hardware and software installed on the user's
machine.
Hybrid Client: A hybrid client is a mixture of the above two client models.
Similar to a fat client, it processes locally, but relies on the server for
storing persistent data. This approach offers features from both the fat
client (multimedia support, high performance) and the thin client (high
manageability, flexibility). Hybrid clients are well suited for video
gaming.
Multi-Tier Architecture
Page | 31
Single Tier Systems/ One-Tier Architecture
Page | 32
-Since processing is shared between the client and server, more users could
interact with system.
-By having simple structure, it is easy to setup and maintain entire system
smoothly.
n-Tier Architecture
ii. Application Tier: Also called the middle tier, logic tier,
business logic or logic tier, this tier is pulled from the
presentation tier. It controls application functionality by
performing detailed processing.
Page | 33
iii. Data Tier: Houses database servers where information is
stored and retrieved. Data in this tier is kept independent of
application servers or business logic.
Network Computing
Page | 35
Network Topologies
Four basic topologies used in wide area and local area telecommunications
networks are the:
2. Ring network
3. Bus network
4. Mesh Network
1. If one of the microcomputers fails, it will not affect the entire network.
2. Requires the least amount of cable to connect the computers together
and therefore is less expensive than other cabling arrangements.
Page | 36
2. Each connection between two cables weakens the electrical signal.
Ring Network:
A ring network is much like a bus network, except the length of wire, cable,
or optical fiber connects to form a loop. A ring network has a decentralized
approach.When one computer needs data from another computer, the data is
passed along the ring.
Mesh Network:
Page | 37
links. The reliability is very high as there are always alternate paths available if
direct link between two nodes is down or dysfunctional. Only military installations,
which need high degree of redundancy, may have such networks, that too with a
small number of nodes.
Protocols: A protocol is the formal set of rules for communicating, including rules for
timing of message exchanges, the type of electrical connection used by the
communications devices, error detection techniques, means of gaining access to
communications channels, and so on. The goal of communications network
architectures is to create more standardization and compatibility among
communications protocols.
Page | 38
The International Standards Organization (ISO) is working on the
establishment of a standard protocol for data transmission. They have developed
a seven-layer Open Systems Interconnection (OSI), which will include:
Page | 39
Layer 2 or Data Link Layer: The Data-Link layer ensures that an initial
connection has been set up, divides output data into data frames, and handles the
acknowledgements from a receiver that the data arrived successfully. The Data
Link Layer responds to service requests from the Network Layer and issues service
requests to the Physical Layer. Data Link Layer detects and possibly correct errors
that may occur in the Physical Layer.
Layer 1 or Physical Layer: This includes the layout of pins, voltages, cable
specifications, Hubs, repeaters, network adapters etc. It is the hardware layer
which specifies mechanical features as well as electromagnetic features of the
connection between the devices and the transmission.
The major functions and services performed by the Physical Layer are:
Internet’s TCP/IP
Many companies and other organizations are also converting their client/server
networks to
TCP/IP
Five levels of TCP/IP include:
Page | 40
2. Host-to-Host Transport layer
3. Internet Protocol (IP)
4. Network Interface
5. Physical layer
Threat: A threat is anything that can disrupt the operation, functioning, integrity,
or availability of a network or system. Network security threats can be
categorized into four broad themes:
For example, if a company’s external web site is hacked; the company’s integrity
is damaged. Even if the external web site is separate from the internal information
that sits behind a protective firewall, the public does not know that. All they know
is that if the company’s web site is hacked, then it is an unsafe place to conduct
business.
Structured Threats- These originate from individuals who are highly motivated and
technically competent. They can understand as well as create hacking scripts to
penetrate those network systems. Usually, these hackers are hired by industry
competitors, or state-sponsored intelligence organizations.
Page | 41
External Threats - These originate from individuals or organizations working
outside an organization, which does not have authorized access to organization’s
computer systems or network. They usually get access into a network from the
Internet or dialup access servers.
Internal Threats - These threats originate from individuals who have authorized
access to the network. These users either have an account on a server or physical
access to the network. An internal threat may come from a discontented former
or current employee. It has been seen that majority of security incidents originate
from internal threats.
The following facts are responsible for occurrence of vulnerabilities in the software:
Software Bugs: Some bugs might not have serious effects on the
functionality of the program and may remain undetected for a long time. A
program might crash when serious bugs are left unidentified. Another
category of bugs called security bugs may allow a malicious user bypass
access controls and obtain unauthorized privileges.
Page | 42
Trusting Untrustworthy information - This is usually a problem that affects
routers, or those computers that connect one network to another. When
routers are not programmed to verify that they are receiving information
from a unique host, bogus routers can gain access to systems and do
damage.
End users - Generally, users of computer systems are not professionals and
are not always security conscious. For example, when the number of
passwords of an user increases, user may start writing them down, in the
worst case to places from where they are easy to find. In addition to this
kind of negligence towards security procedures users do human errors.
(i) Preparing project plan for enforcing security: The project plan
components includes the objectives of the review, scope of the review
and tasks to be accomplished, assigning tasks to the project team after
organizing it, preparing resources budget.
(ii) Asset identification: Assets which need to be safeguarded can be
identified and subdivided into Personnel, Hardware, Facilities, Data,
Software.
(iii) Asset valuation: This step of valuation of assets can pose a difficulty. The
process of valuation can differ depending on who is asked to render the
valuation, the way in which the asset can be lost and the period for which
it is lost and how old is the asset.
(iv) Threat identification: The source of a threat can be external or internal
and the nature of a threat can be accidental / non-deliberate or
deliberate.
Page | 43
(v) Threats probability of occurrence assessment: This step is an
assessment of the probability of occurrence of threats over a given time
period.
(vi) Exposure analysis: This step is the Exposures Analysis by first identifying
the controls in the place, secondly assessing the reliability of the existing
controls, thirdly evaluating the probability that a threat can be successful
and lastly assessing the resulting loss if the threat is successful.
(vii) Controls adjustment: The involves the adjustment of controls which
means whether over some time period any control can be designed,
implemented and operated such that the cost of control is lower than
the reduction in the expected losses.
(viii) Report generation outlining the levels of security to be provided for
individual systems, end user, etc.: This is the last step that involves
report generation documenting, the findings of the review.
Page | 44
(i) Hardware encryption devices are available at a reasonable cost,
and can support high-speed traffic. If the Internet is being used to
exchange information among branch offices or development
collaborators, for instance, use of such devices can ensure that all
traffic between these offices is secure.
SFTP – The SSH File Transfer Protocol (also known as Secure FTP and SFTP)
is a computing network protocol for accessing and managing files on
remote file systems. Unlike standard File Transfer Protocol (FTP), SFTP
encrypts commands and data both, preventing passwords and sensitive
information from being transmitted in the clear over a network.
Message authentication makes sure that a message is really from whom it original
sender and that it has not been tampered with. Regardless of a company’s
individual needs, clearly defined Internet security policies and procedures should
always be part of any corporate Internet security strategy.
Page | 46
IDS Technologies: An Intrusion Detection System (IDS) is a device or software
application that monitors network or system activities for malicious activities.
Primary IDS technologies are defined as follows:
Page | 47
Network Administration and Management
• Operation deals with keeping the network (and the services that the network
provides) up and running smoothly.
• Administration deals with keeping track of resources in the network and
how they are assigned.
• Maintenance is concerned with performing repairs and upgrades—for
example, when equipment must be replaced.
• Provisioning is concerned with configuring resources in the network to
support a given service. For example, this might include setting up the
network so that a new customer can receive voice service.
Internet Applications
Internet can be used as a very effective media for various applications such as:
• Electronic commerce transactions between businesses and their suppliers and
customers
• The Internet provides electronic discussion forums formed and managed by
thousands of special-interest newsgroups.
• The Internet allows holding real-time conversations with other Internet users.
• The Internet allows gathering information through online services using web
browsers and search engines.
Page | 48
Business Use of the Internet
Intranet
Page | 49
Business Operations and Management: Intranets are being used as the platform for
developing and deploying critical business operations like:
Extranets:
An extranet is a private network that uses Internet technology and the public
telecommunication system to securely share part of a business's information or
operations with suppliers, vendors, partners, customers, or other businesses. An
extranet can be viewed as part of a company's intranet that is extended to users outside
the company.
• The extranets makes customer and supplier access of intranet resources a lot
easier and faster than previous business methods.
• Extranets enable and improve collaboration by a business with its customers
and other business partners.
• Extranets enable a company to offer new kinds of interactive Webenabled
services to their business partners. Thus, extranets are another way that a
Page | 50
business can build and strengthen strategic relationships with its customers
and suppliers.
• Extranets facilitate an online, interactive product development, marketing, and
customer-focused process that can bring better designed products to market
faster.
Protect the interests of the data owner: Extranet services need to be deployed in a
fast and flexible way, but with the complete assurance that only the correct users
can access the right services.
Page | 51
applications need to understand which extranet content and applications are most
successful.
Electronic Commerce
Benefits of e-Commerce
Problem of anonymity: There is need to identify and authenticate users in the virtual
global market where anyone can sell to or buy from anyone, anything from anywhere.
Data Loss or theft or duplication: The data transmitted over the Internet may be lost,
duplicated, tampered with or replayed.
Page | 52
Lack of audit trails: Audit trails in e-Commerce system may be lacking and the logs
may be incomplete, too voluminous or easily tampered with.
Problem of piracy: Intellectual property may not be adequately protected when such
property is transacted through e-Commerce.
Attack from hackers: Web servers used for e-Commerce may be vulnerable to
hackers.
Types of e-Commerce
B2B refers to the exchange of services, information and/or products from one
business to another.
Page | 53
The Business-to-Consumer (B2C) model can save time and money by doing
business electronically but customers must be provided with safe and secure as
well as easy-touse and convenient options when it comes to paying for
merchandise.
Page | 54
relationships between government and employees, citizens, businesses, non-
profit organizations, and other government agencies.
• Performing cost benefit analysis and risk assessment to ensure value delivery
• Implementing the right level of security
• Providing adequate user training
• Implementing appropriate policies, standards and guidelines
Mobile Commerce
Page | 55
• Telecommunications, in which service changes, bill payment and account
reviews can all be conducted from the same handheld device.
• Service/retail, as consumers are given the ability to place and pay for orders on-
thefly.
• Information services, which include the delivery of financial news, sports
figures and traffic updates to a single mobile device.
Electronic Funds Transfer (EFT) represents the way the business can receive direct
deposit of all payments from the financial institution to the company bank account.
Page | 56
Preauthorized Transfers: This is a method of automatically
depositing to or withdrawing funds from an individual’s account,
when the account holder authorizes the bank or a third party (such
as an employer) to do so. For example, consumers can authorize
direct electronic deposit of wages, social security, or dividend
payments to their accounts. Or they can authorize financial
institutions to make regular, ongoing payments of insurance,
mortgage, utility, or other bills.
Page | 57
main aim and purpose of each information system (definition of information
system) is to convert the data into information which is useful and meaningful.
(i) People, hardware, software, and data are four basic resources of
information systems;
(iii) A process is used to convert data into information for end users;
Strategic Level: These are senior managers or Top-level managers that hold the
titles such as Chief Executive Officers, Chief Financial Officers, Chief Operational
Officers etc, who take decisions that will affect the whole organization. Top
Managers do not direct the dayto-day activities of the firm; rather they set goals for
the organization and direct the company to achieve them.
Management Level: These are Middle Managers that are in the levels below top
managers and hold the job titles like General Manager, Regional manager etc.
Middlelevel Managers are responsible for carrying out the goals set by Top
Management. Because Middle Managers are more involved in the day-to-day
Page | 58
workings of a company, they may provide valuable information to Top Managers
to help improve the performance of an organization.
Knowledge Level: These include knowledge and data workers who are selected,
recruited and trained in a special manner than the non-knowledge workers. The
knowledge resides in the heads of knowledge workers and these are the most
precious resource an organization possesses.
Strategic Level Systems: For strategic managers to track and deal with strategic
issues, assisting long-range planning. A principle area is tracking changes in the
external conditions (market sector, employment levels, share prices, etc.) and
matching these with the internal conditions of the organization.
Page | 59
Operational-Level Systems: Support operational managers tracking elementary
activities. These can include tracking customer orders, invoice tracking, etc.
Operationallevel systems ensure that business procedures are followed.
Most of the Transaction Processing Systems include one or additional of the following
attributes:
Access Control - TPS: Most Transaction Processing Systems come with access
control to put a ceiling on users to only those allowed to accomplish so. Access
Control ensures that people who are not authorized to use the system are not
permissible to influence or modify the transaction process.
Equivalence - TPS: Transactions are processed in the similar format every time
to ensure that full effectiveness is achieved. The TPS Interfaces are designed to
get hold of identical data for each transaction, despite the source.
High Volume Rapid Processing - TPS: In most of the transaction processing, the
foremost issue is momentum. The instant processing of transactions is noteworthy
to the success of certain industry such as banking. TPS is designed to process
transactions in an immediate to make confident that the transaction data is
available to other users or processes that entail it.
Trustworthiness - TPS: A TPS system is designed to be robust and trustworthy.
The system is capable to process transactions very rapidly yet at the same time
conduct several checks to make certain that the data integrity is preserved.
Page | 60
Transactions Processing Qualifiers: In order to qualify as a TPS, transactions
made by the system must pass the ACID Test. The ACID Test refers to the following
four prerequisites as discussed below:
Consistency: TPS systems exist within a set of operating rules (or integrity
constraints). If an integrity constraint states that all transactions in a database
must have a positive value, any transaction with a negative value would be
refused.
Page | 61
Office Automation Systems (OAS)
- Internal
- Environmental
Knowledge Management Systems (KMS) refer to any kind of IT system that stores
and retrieves knowledge, locates knowledge sources, and uses knowledge in some
or other way to enhance the KM process.
Explicit knowledge is that which can be created and stored easily and as a
consequence is easily available across the organization. Explicit knowledge is easy to
communicate, store, and distribute and is the knowledge found in books, on the web, and
Page | 62
other visual and oral means. The most common forms of explicit knowledge are manuals,
documents, procedures, and how-to videos. Knowledge also can be audio-visual.
Tacit knowledge, on the other hand, resides in a few or in just one person and
hasn’t been captured by the organization or made available to others. It is the
hidden vast storehouse of knowledge held by practically every normal human being,
based on his or her emotions, experiences, insights, intuition, observations and
internalized information. It is this tacit knowledge that differentiates between
organizations in tough times, and hence provides the strategic edge to any
organization.
Knowledge is a sum total of “What everybody knows” about the community world.
It is a gathering of values, wisdom, education, experience, morals. The difference
between the normal and the abnormal handling of any task, process or interaction-
between employees, with the customers or with any other stake holder of the firm,
has always been made possible with the use of knowledge.
Globalization: It’s putting pressure on firms for innovation as markets are at the
present fast changing and competition is stiff. The meaning of goods and services
has changed. Now companies have started selling knowledge in addition. For a
Page | 63
research lab or software firm, not managing knowledge is similar to Wal-Mart not
managing inventory.
We all know that information is a vital factor for our existence. Just as our body
needs air, water and clothes, we are as much dependent upon information.
Page | 64
The term ‘Management Information System’ (MIS) refers to the data, equipment and
computer programs that are used to develop information for managerial use.
As the internet has developed, all of the foremost MIS solutions have now been
written to be accesses via web browsers.
Page | 65
Some Examples of MIS
(a) The user: The user is usually a manager with a problem to solve and may be
at management - level of an organization.
(b) One or more databases: Databases contain both routine and non-routine
data from both internal and external sources.
Page | 66
(c) Planning languages: Planning languages can either be general-purpose or
special-purpose allowing users to perform routine tasks and specific tasks
respectively.
(d) Model Base: Model base is the brain of the DSS as it performs data
manipulations and computations with the data provided to it by the user
and the database. The planning language in DSS allows the user to maintain
a dialogue with the model base.
Advantages/Need of DSS:
The typical information mix presented to the executive may include financial
information, work in process, inventory figures, sales figures, market trends,
industry statistics, and market price of the firm's shares. It may even suggest what
needs to be done, but differs from a Decision Support System (DSS) in that it is
targeted at executives and not managers.
Components of an EIS
Hardware: Includes Input data-entry devices, CPU, Data Storage files and Output
Devices.
Software: Includes Text base software, Database, and Graphic types such as time
series charts, scatter diagrams, maps.
User Interface: Several types of interfaces can be available to the EIS structure, such
as scheduled reports, questions/answers, menu driven etc
Specialized Systems
Enterprise Resource Planning (ERP)
Page | 68
finance/accounting, manufacturing, sales etc. ERP systems automate this activity
with an integrated software application.
ERP Stages:-
Stage – 2 ABC Analysis: ABC analysis is that technique of material control in which
we divide our material into three categories and investment is done according to
the value and nature of that category’s materials.
Page | 69
Stage – 8 Enterprise Resource Planning: ERP takes a customer order and provides a
software road map for fulfilling the order
Stage – 9 Money Resource Planning (MRP-III).: This has more emphasis on planning
of capital or managing the situation when surplus money arises.
Stage – 10 EIS-Web Enabled: Web browser software is the cheapest and simplest
client software for an EIS. Web enabled EIS is a final step in this direction.
Page | 70
Benefits of CRM:
In simple terms, SCM is a chain that starts with customers and ends with
customers. Supply Chain Management may be defined as the process of planning,
implementing and controlling the operations of the supply chain with the purpose
of satisfying the customer's requirement as efficiently as possible.
Components of SCM:
Page | 71
Integration - The last element of supply chain management is the need for
integration. It is critical that all participants in the service chain recognize the
entirety of the service chain.
CRM and SCM are two categories of enterprise software that are widely
implemented in corporations and non-profit organizations. While the primary goal
of ERP is to improve and streamline internal business processes.
CRM attempts to enhance the relationship with customers and SCM aims to
facilitate the collaboration between the organization, its suppliers, the
manufacturers, the distributors and the partners.
Page | 72
Payroll functions and facilitate salary, deductions etc calculations, eliminates errors
• Recruitment Management: This module helps in hiring the right people with
the right target skills. This module includes processes for managing open
positions/requisitions, applicant screening, assessments, selection and hiring
etc.
CORE stands for "Centralized Online Real-time Environment". The various elements
of core banking include:
Calculating interest
Managing customer accounts
Processing cash deposits and withdrawals
Processing payments and cheques
Core Banking System may be defined as the set of basic software components that
manage the services provided by a bank to its customers.
Examples of major core banking products include Infosys’ Finacle, Nucleus FinnOne
and Oracle's Flexcube application.
Page | 73
The key modules of Finacle are:
(B) Nucleus FinnOne: The Nucleus FinnOne banking suite, made and
marketed by India-based Company Nucleus software, comes with a wide variety
of applications that cover different aspects of global web banking. These
applications include:
Page | 74
FinnOne is a web-based global banking product designed to support banks
and financial solution companies in dealing with assets, liabilities, core
financial accounting and customer service.
People: AIS helps various system users that include accountants, consultants,
business analysts, managers, chief financial officers and auditors etc. from
different departments within a company to work together.
Procedure and Instructions: These include the methods for collecting,
storing, retrieving and processing data.
Page | 75
Data: Refers to the information related to the organization such as invoices
etc.
Software: It is the computer program that provide facility to store and access
data.
Internal Controls: These are the security measures such as passwords or as
complex as biometric identification
Benefits of AIS:
Artificial Intelligence
Although AI has been studied for more than half a century, we still cannot make a
computer that is as intelligent as a human in all aspects.
In some cases, the computer outfitted with AI technology can be even more
intelligent than us. The Deep Blue system which defeated the world chess
champion is a well-know example.
Expert systems, Pattern Recognition, Natural language processing, and many others
are some of the various purposes on which AI may be applied
Page | 76
Expert System
In Example-based system, developers enter the case facts and results, that
is used to match the case at hand with those previously entered in the
knowledge base.
Rule-based systems are created by storing data and decision rules as if-
then rules. The system asks the user questions and applied the if-then rules
to the answers to draw conclusions and make recommendations.
Frame based systems organize all the information (data, description, rules
etc.) about a topic into logical units called frames, which are similar to
linked records in data files.
Page | 77
Business Intelligence
The term business intelligence (BI) represents the tools and systems that play a key role in
the strategic planning process of the corporation. These systems allow a company to
gather, store, access and analyze corporate data to aid in decision-making.
Simple Reporting and Querying: This involves using the data warehouse
to get response to the query: “Tell me what happened.” The objective of
a BI implementation is to turn operational data into meaningful
knowledge.
Business Analysis: This involves using the data to get response to the
query: “Tell me what happened and why.” Business analysis allows the
user to plot data in row and column coordinates to further understand
the intersecting points.
Dashboards: This involves using the information gathered from the data
warehouse and making it available to users as snapshots
Page | 78
Business Reporting through MIS and IT
Page | 79
Streamline the process of aggregating data - Opportunities exist for
streamlining the process of aggregating data across different internal
departments, or business units of a company;
Page | 80
Role-based Access Control (RBAC): Each person/subject is given a particular
role and certain rights and permissions. When an employee changes jobs, all
previous access is removed, and the rights and permissions of the new role
are assigned.
Rules-based Access Control (RAC): RAC differs from RBAC methods because
it is largely context-based. RAC places certain rules based on a user’s role. A
manager, for example, has the ability to approve his/her employees’ hours
worked. However, when s/he attempts to approve his/her own hours, a rule
built into the application compares the employee record and the user, sees
they are the same, and temporarily removes approval privilege.
Nature of processing: This is the way an application updates data, for example
batch-processing, real-time processing.
Page | 81
Source of application: It tells the source from where application Is bought, for
example purchased (Tally), developed in-house.
Nature of business: This classification is based on the users for whom the
application has been developed. For example, for large businesses, small
businesses etc.
Functions covered: A business application may be classified based on business
function it covers. For example DSS, MIS, KIS etc
(ii) Step 2: Understand the rules / regulation which enterprise needs to comply
with?
Page | 82
This is established by a combination of internal corporate policies, external
industry regulations and local, state, and central laws.
Once the requirements have been document, ROI has been computed and
top management approval to go ahead has been received, BPA is
developed.
Page | 83
(viii) Step 8: Testing the BPA
TALLY:
SAP:
Page | 84
It has the features such as time management, reporting, budget
monitoring etc
This is used by most of the large enterprises across the world Attendance
Systems:
A lot of applications have been developed that allow entity to track their
goods while in transit.
It has features such as GPS based location, GPRS connections.
Information is also sent through SMS & e-mail notifications
on-board memory to store location inputs during times when GPRS is not
available or cellular coverage is absent
Page | 85
It has features such as automatic vehicle identification system (based on
in-road sensors), license plate recognition, zoom capability on captured
images
Page | 86
A student based on his/her registration number can file many documents
online including exam forms.
Delivery Channels
Delivery channels for information include:
E-mail: The most widely used delivery channel for information today
Social networking sites, like Facebook, whatsup, etc
Intranet: Network within the company/enterprise
More than just the intranet: Staff will (and should) use whichever methods
are easiest and most efficient to obtain information.
Understand staff needs & environment: This includes which systems do
staff use, their level of PC access, their amount of computer knowledge.
Traditional Channel need to be formalized: Instead of attempting to
eliminate existing information sources in favour of the intranet, it may be
more beneficial to formalize the current practices.
Controls in BPA
Page | 87
Control Objectives:
Page | 88
(ii) Input Controls: These are responsible for ensuring the accuracy and
completeness of data that are input into the computer. Input control
techniques are:
Data Coding Controls: These controls are put in place to reduce user
error during data feeding. Few types of error may include:
Addition: Addition of an extra character in a code. e.g. 12345
coded as 712345;
Truncation: Omission of characters in the code. e.g. 12345
coded as 2345;
Page | 89
calculated on the gross pay amount to verify if the provident
fund contribution deducted is accurate.
(iv) Output Controls: Output controls ensure that the data delivered to users
correctly.
Storage and Logging of Sensitive and Critical Forms: Pre-printed
stationery should be stored securely to prevent unauthorized
destruction or removal and usage.
Controls over Printing: It should be ensured that unauthorized
disclosure of information printed is prevented. must be trained to
select the correct printer
Page | 90
Retention Controls: Retention controls consider the duration for
which outputs should be retained before being destroyed.
Existence/Recovery Controls: These controls are needed to
recover output in the event that it is lost or destroyed.
Emerging Technologies
Grid Computing is a computer network in which each computer's
resources are shared with every other computer in the system.
Page | 91